THREAT ANALYSIS REPORT: Ragnar Locker Ransomware Targeting the Energy Sector
Tags
Common Information
| Type | Value |
|---|---|
| UUID | ad569c2d-2e2e-492a-9af7-e5290d1371c5 |
| Fingerprint | 640508d4da2180b2 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 1, 2022, midnight |
| Added to db | Jan. 16, 2023, 3:55 p.m. |
| Last updated | Nov. 17, 2024, 6:55 p.m. |
| Headline | THREAT ANALYSIS REPORT: Ragnar Locker Ransomware Targeting the Energy Sector |
| Title | THREAT ANALYSIS REPORT: Ragnar Locker Ransomware Targeting the Energy Sector |
| Detected Hints/Tags/Attributes | 81/2/52 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | File | 240 | wmic.exe |
|
| Details | File | 380 | notepad.exe |
|
| Details | File | 2 | rgnr_aabbccdd.txt |
|
| Details | File | 21 | locker.exe |
|
| Details | File | 1 | appcache133057346751796032.txt |
|
| Details | File | 345 | vssadmin.exe |
|
| Details | File | 3 | autoruns.inf |
|
| Details | File | 120 | boot.ini |
|
| Details | File | 3 | bootfront.bin |
|
| Details | File | 99 | bootsect.bak |
|
| Details | File | 196 | desktop.ini |
|
| Details | File | 101 | iconcache.db |
|
| Details | File | 193 | ntuser.dat |
|
| Details | File | 100 | ntuser.dat.log |
|
| Details | File | 66 | ntuser.ini |
|
| Details | File | 143 | thumbs.db |
|
| Details | File | 351 | recycle.bin |
|
| Details | sha256 | 1 | 041fd213326dd5c10a16caf88ff076bb98c68c052284430fba5f601023d39a14 |
|
| Details | sha256 | 1 | 04c9cc0d1577d5ee54a4e2d4dd12f17011d13703cdd0e6efd46718d14fd9aa87 |
|
| Details | sha256 | 1 | 0766beb30c575fc68d1ca134bd53c086d2ce63b040e4d0bbd6d89d8c26ca04f6 |
|
| Details | sha256 | 1 | 0aaa7a3596af6b1aae02b6e6ca878045360d467f96b0687363a9dce19ea60a36 |
|
| Details | sha256 | 1 | 10f9ad4e9f6e0dc1793be80203b258f8c5114d01cb17307c1b2fdcca37d4edf9 |
|
| Details | sha256 | 1 | 1318f8a4566a50537f579d24fd1aabcf7e22e89bc75ffd13b3088fc6e80e9a2a |
|
| Details | sha256 | 1 | 1472f5f559f90988f886d515f6d6c52e5d30283141ee2f13f92f7e1f7e6b8e9e |
|
| Details | sha256 | 1 | 1602d04000a8c7221ed0d97d79f3157303e209d4640d31b8566dd52c2b09d033 |
|
| Details | sha256 | 2 | 30dcc7a8ae98e52ee5547379048ca1fc90925e09a2a81c055021ba225c1d064c |
|
| Details | sha256 | 1 | 3b43751ed88e4d1f82cf52ca2d4477e3e35c35f08c1b4e3ab21c80720601e804 |
|
| Details | sha256 | 2 | 3bc8ce79ee7043c9ad70698e3fc2013806244dc5112c8c8d465e96757b57b1e1 |
|
| Details | sha256 | 1 | 5469182495d92a5718e0e1dcdf371e92b79724e427050154f318de693d341c89 |
|
| Details | sha256 | 1 | 5fc6f4cfb0d11e99c439a13b6c247ec3202a9a343df63576ce9f31cffcdbaf76 |
|
| Details | sha256 | 1 | 60233700ee64b9e5d054fa551688e8617328b194534a0fe645411685ce467128 |
|
| Details | sha256 | 2 | 63096f288f49b25d50f4aea52dc1fc00871b3927fa2a81fa0b0d752b261a3059 |
|
| Details | sha256 | 3 | 68eb2d2d7866775d6bf106a914281491d23769a9eda88fc078328150b8432bb3 |
|
| Details | sha256 | 1 | 6fd4ec6611bf7e691be80483bcf860e827d513df45e20d78f29cf4638b6c20e8 |
|
| Details | sha256 | 2 | 7af61ce420051640c50b0e73e718dd8c55dddfcb58917a3bead9d3ece2f3e929 |
|
| Details | sha256 | 1 | 91128776769d4f78dd177695df610463a0b05e2174ba76d0489b976b99cae223 |
|
| Details | sha256 | 1 | 9416e5a57e6de00c685560fa9fee761126569d123f62060792bf2049ebba4151 |
|
| Details | sha256 | 2 | 9706a97ffa43a0258571def8912dc2b8bf1ee207676052ad1b9c16ca9953fc2c |
|
| Details | sha256 | 1 | 9b62cdb57f4c34924333dfa3baefd993efeab68109580b682b074f0e73b63983 |
|
| Details | sha256 | 2 | 9bdd7f965d1c67396afb0a84c78b4d12118ff377db7efdca4a1340933120f376 |
|
| Details | sha256 | 1 | a8ee0fafbd7b84417c0fb31709b2d9c25b2b8a16381b36756ca94609e2a6fcf6 |
|
| Details | sha256 | 1 | ac16f3e23516cf6b22830c399b4aba9706d37adceb5eb8ea9960f71f1425df79 |
|
| Details | sha256 | 1 | afab912c41c920c867f1b2ada34114b22dcc9c5f3666edbfc4e9936c29a17a68 |
|
| Details | sha256 | 1 | b0d8f9aa9566245362d7e7443ab4add80ce90fbdf35a30df9a89e9dae5f22190 |
|
| Details | sha256 | 1 | b6663af099538a396775273d79cb6fff99a18e2de2a8a2a106de8212cc44f3e2 |
|
| Details | sha256 | 2 | b670441066ff868d06c682e5167b9dbc85b5323f3acfbbc044cabc0e5a594186 |
|
| Details | sha256 | 1 | b72beb391c75af52c6fb62561f26214b682f12d95660b128d9e21e18e3bff246 |
|
| Details | sha256 | 2 | c2bd70495630ed8279de0713a010e5e55f3da29323b59ef71401b12942ba52f6 |
|
| Details | sha256 | 1 | ce33096639fb5c51684e9e3a7c7c7161884ecad29e8d6ad602fd8be42076b8d4 |
|
| Details | sha256 | 1 | cf5ec678a2f836f859eb983eb633d529c25771b3b7505e74aa695b7ca00f9fa8 |
|
| Details | sha256 | 2 | dd5d4cf9422b6e4514d49a3ec542cffb682be8a24079010cda689afbb44ac0f4 |
|
| Details | sha256 | 2 | ec35c76ad2c8192f09c02eca1f263b406163470ca8438d054db7adcf5bfc0597 |